// Copyright 2024 Matthew Rich <matthewrich.conf@gmail.com>. All rights reserved.
package signature
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
_ "crypto/x509"
_ "encoding/pem"
_ "fmt"
_ "os"
"errors"
)
// ErrInvalidSignature is a package-level sentinel error carrying the message
// "Invalid signature".
//
// NOTE(review): none of the functions visible in this file return it; Verify
// and VerifySum hand back the error from crypto/rsa unchanged. Confirm where
// callers are expected to compare against this value.
var ErrInvalidSignature = errors.New("Invalid signature")
// Ident bundles an RSA key pair with a list of authorized entries.
//
// All fields are unexported, so code outside the package can only obtain a
// usable value through NewIdent. The zero value has nil keys.
type Ident struct {
	// authorized is a list of strings that NewIdent seeds with the single
	// entry "*".
	// NOTE(review): nothing visible in this file reads it, so how the entries
	// (and the wildcard default) are enforced cannot be confirmed from here.
	authorized []string

	// publicKey is the key Verify and VerifySum check signatures against.
	publicKey *rsa.PublicKey

	// privateKey is the signing key used by Sign. It is held in process
	// memory only; no code visible in this file writes it to storage.
	privateKey *rsa.PrivateKey
}
// NewIdent returns an Ident with its authorized list set to the single entry
// "*" and a freshly generated key pair, or nil when Generate reports an error.
//
// The error from Generate is discarded, so the only failure signal is the nil
// result: callers must check for nil before calling any method on it.
func NewIdent() *Ident {
	ident := &Ident{authorized: []string{"*"}}
	if err := ident.Generate(); err != nil {
		return nil
	}
	return ident
}
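// Generate creates a new 2048-bit RSA key pair using crypto/rand and stores
// both halves on the Ident, replacing any keys it already held.
//
// If rsa.GenerateKey fails, its error is returned and the Ident's existing
// keys are left untouched.
func (i *Ident) Generate() error {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		// key is nil on failure; taking &key.PublicKey would panic with a
		// nil pointer dereference instead of reporting the error.
		return err
	}
	// Assign both fields together so the pair is never half-updated.
	i.privateKey = key
	i.publicKey = &key.PublicKey
	return nil
}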
// Sign computes the SHA-256 digest of data and returns a PKCS #1 v1.5
// signature over that digest, made with the Ident's private key.
//
// It returns (nil, err) when rsa.SignPKCS1v15 fails. The private key is not
// checked for nil here, so the Ident must have been populated by NewIdent or
// Generate first.
//
// NOTE(review): the crypto/rsa package documentation recommends PSS for new
// designs; confirm whether the PKCS #1 v1.5 format is required by whatever
// consumes these signatures.
func (i *Ident) Sign(data []byte) ([]byte, error) {
	digest := sha256.Sum256(data)
	signed, err := rsa.SignPKCS1v15(rand.Reader, i.privateKey, crypto.SHA256, digest[:])
	if err == nil {
		return signed, nil
	}
	return nil, err
}
// Verify computes the SHA-256 digest of data and checks signature against it
// with the Ident's public key using PKCS #1 v1.5 verification.
//
// It returns nil when the signature verifies. Any error comes straight from
// rsa.VerifyPKCS1v15; this method does not translate it to
// ErrInvalidSignature. Callers should treat every non-nil result as a
// rejected signature.
func (i *Ident) Verify(data []byte, signature []byte) error {
	digest := sha256.Sum256(data)
	err := rsa.VerifyPKCS1v15(i.publicKey, crypto.SHA256, digest[:], signature)
	return err
}
// VerifySum checks signature against a digest supplied by the caller, using
// the Ident's public key and PKCS #1 v1.5 verification with crypto.SHA256 as
// the declared hash.
//
// checksum is passed through as the already-hashed message. This method does
// not hash anything and does not check the digest length itself; both are
// left to rsa.VerifyPKCS1v15. A nil result therefore only shows that the
// signature matches this digest. The caller is responsible for having
// computed the digest with SHA-256 from the data it actually intends to
// trust, rather than accepting a digest delivered alongside the signature.
//
// Any error is returned unchanged from rsa.VerifyPKCS1v15.
func (i *Ident) VerifySum(checksum []byte, signature []byte) error {
	return rsa.VerifyPKCS1v15(i.publicKey, crypto.SHA256, checksum, signature)
}